b29f6f94721c3a2c42355daab6aadab880505ff56b39a7a054f6ddede85a5471 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

046554f958db19f0f03e89a264db78ea_JaffaCakes118
Size

111KB
Sample

241001-e8th2a1ckn
MD5

046554f958db19f0f03e89a264db78ea
SHA1

bad2b5ea50d4407ee440543790b551208736386c
SHA256

b29f6f94721c3a2c42355daab6aadab880505ff56b39a7a054f6ddede85a5471
SHA512

c157808584461ce51201c72646ea282bdf0cdf530850ac995c2689aeed22dc61462c863abcd84783657c3c815f2e70e93113f3ce670a82dbc45f592ab6ccead7
SSDEEP

3072:btf18giGtpKIlgTDEfuIEzRdrZ9r8viQ0RQ:9qIlgHEfeZ

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  046554f958db19f0f03e89a264db78ea_JaffaCakes118
- Size
  
  111KB
- MD5
  
  046554f958db19f0f03e89a264db78ea
- SHA1
  
  bad2b5ea50d4407ee440543790b551208736386c
- SHA256
  
  b29f6f94721c3a2c42355daab6aadab880505ff56b39a7a054f6ddede85a5471
- SHA512
  
  c157808584461ce51201c72646ea282bdf0cdf530850ac995c2689aeed22dc61462c863abcd84783657c3c815f2e70e93113f3ce670a82dbc45f592ab6ccead7
- SSDEEP
  
  3072:btf18giGtpKIlgTDEfuIEzRdrZ9r8viQ0RQ:9qIlgHEfeZ
Score

7^/10

discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence